OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| openmage/magento-lts(Packagist) | 0 | 19.4.22 | N/A |
| openmage/magento-lts(Packagist) | 20.0.0 | 20.0.19 | N/A |
CVSS Metrics
